Is there a way to specify multiple cacert files

Can we specify multiple cacert files? I have multiple Elasticsearch clusters configured with the same domain name (e.g. es.xxx.com), and use DNS to decide which Elasticsearch cluster to use. So my logstash output setting is like:

elasticsearch {
    hosts => [ "https://es.xxx.com" ]
    cacert => '/path/to/cacert'
    user => "xxx"
    password => "xxx"
    index => "xxx"
}

Since es.xxx.com may be resolved to differentiations Elasticsearch clusters, and each cluster uses its own cacert, I'd like a way to specify multiple cacert files.

I've tried to put all cacert in the same file (like the following), but only the last one is used.

-----BEGIN CERTIFICATE-----
xxxxxxxxxx
xxxxxxxxxx
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
xxxxxxxxxx
xxxxxxxxxx
-----END CERTIFICATE-----

This is a WAG, but can you try specifying a truststore instead of cacert? It might allow you to have multiple certificates.

Is it possible to support multiple cacert in logstash?

Elasticsearch is able to read and use multiple certificates specified in the same .crt file.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.